GDPR Notice

GDPR Notice – Xgrow Global

This GDPR Notice explains how Xgrow Global (“Company”, “we”, “our”, or “us”) processes personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws, including the LGPD (Brazil) and CCPA/CPRA (California). We are committed to handling your information with transparency, security, and responsibility.

1. Personal Data We Collect

We may collect personal data when you interact with our website, request information, participate in our programs, or use our services. This may include:

  • Name and contact details
  • Professional or business information
  • Communication records (forms, messages, calls)
  • Technical data such as IP address, device type, browser information, cookies, and analytics identifiers
  • Any information voluntarily submitted through online forms or service interactions

We only collect the data necessary for the purposes outlined below.

2. Purpose and Legal Basis for Processing

We process your personal data based on the following legal grounds and purposes:

Performance of a Contract or Pre-Contractual Measures

  • Providing services, programs, and digital products
  • Managing user accounts and communications

Legitimate Interests

  • Improving our services, content, and website functionality
  • Ensuring system security and fraud prevention
  • Conducting analytics and internal operations

Consent

  • Sending newsletters and marketing communications
  • Collecting optional information through forms

Legal Obligations

  • Maintaining administrative, tax, or regulatory records

We do not use automated decision-making that produces significant legal effects.

3. Data Retention and Security

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal requirements.

We apply appropriate technical and organizational measures, including but not limited to:

  • Access controls
  • Data encryption where appropriate
  • Secure hosting and monitoring
  • Vendor compliance assessments

4. Your Data Protection Rights

Depending on your location (EEA, UK, Brazil, California, or other jurisdictions with privacy laws), you may have the right to:

  • Request access to your personal data
  • Request rectification or updates
  • Request deletion (“right to be forgotten”)
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent at any time when consent is the lawful basis

To exercise these rights, contact us at:
📩 contact@xgrowglobal.com

We will respond in accordance with applicable regulations.

5. Sharing and Disclosure

We may share personal data with:

  • Service providers supporting our operations (hosting, CRM, analytics, email delivery, marketing tools)
  • Business partners involved in delivering requested services
  • Governmental or regulatory authorities when required by law

All third parties must follow privacy and security standards consistent with GDPR.

6. International Data Transfers

Because Xgrow Global operates internationally, your personal data may be transferred to countries outside your region.
Transfers are made only when appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions
  • Contractual protections ensuring data security

7. Data Protection Contact

For any privacy-related questions or data rights requests, please contact:
📩 contact@xgrowglobal.com

8. Updates to This Notice

We may update this Notice periodically to reflect changes in our services, legal requirements, or data processing practices. The most recent version will always be available on this page.

Disclaimer

This GDPR Notice is intended for transparency and compliance purposes and does not constitute legal advice.